«
»

Windows Zero Day Exploit Outed On Twitter

I’m going to go out on a limb and suggest that the folks in Redmond Washington are going to have a very bad day as a zero day exploit, meaning that it has no known fix has been unleashed upon the planet via Twitter.

https://twitter.com/SandboxEscaper/status/1034125195148255235

In short, this exploit is of the privilege escalation variety. Meaning that some miscreant can escalate their user level on an exploited computer to do whatever they want. That’s bad. And you’ll note that in the Tweet above there’s proof of concept code already out there. That means that the bad guys are likely already working on ways to exploit the exploit. Which by the way the exploit in question was confirmed on Twitter by CERT/CC vulnerability analyst Will Dormann:

And CERT/CC has just posted it’s own analysis as well which highlights the fact that there are no known fixes or mitigations. Which is of course very bad. Hopefully Microsoft is on the case and seeing as this is a zero day exploit, won’t wait until Patch Tuesday to come out with a fix for this. Until then, they’ll be under a fair amount of pressure to address this quickly now that this is out there.

 

This entry was posted on August 28, 2018 at 9:17 am and is filed under Commentary with tags . You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

One Response to “Windows Zero Day Exploit Outed On Twitter”

  1. Recently Outed Windows Exploit Now Actively Being Used By Evil Doers | The IT Nerd Says:
    September 6, 2018 at 9:50 am

    […] readers will recall that a pretty bad vulnerability in Windows was disclosed on Twitter last week that had the potential to be really bad if the bad guys stated to exploit that if Microsoft […]

    Reply

Leave a Reply

Discover more from The IT Nerd

Subscribe now to keep reading and get access to the full archive.

Continue reading